Managed Security Services and MSPs: Tackling the Challenges

I recently attended Cloud Expo Europe and was fascinated by the sheer diversity of the event. I was also surprised to see that the MSP and Cloud community is still working hard to educate the market as to the benefits of the various service-based models. This reminded me of the security market ten years ago, with vendors using great creativity to educate the business community.

From my unique security perspective I wanted to understand how the MSP community is providing security services to their customer base. Very few of the people I have spoken with had a clear understanding of the importance of security and those who did had negative views based on previous experiences of trying to integrate security technologies for their customers.

As a representative of the IT security community I wanted to understand why this was the case. The consistent feedback I obtained is that the IT security community is lagging behind when it comes to providing the MSP community with service-based solutions to offer their customers.

What MSPs Want from Security Solutions

The feedback fell into two broad categories; first was that from a technology perspective there is a lack of security solutions that have been designed specifically to be deployed as a service. Second was the lack of a commercial proposition that enables the MSP to sell effectively.

The reason most security solutions do not provide a managed service solution is because most products have been in existence since before the boom in the managed service market. Most security products have been designed for on premise deployment only. For the MSP this can result in complexity as they either manage aspects of the customer’s security infrastructure on premise or they have to deploy the technology in a single tenant manner for each customer and host the technology in their own data center.

Go-to-Market Strategies for Managed Security

From a commercial perspective because most security solutions deployed are on premise, the security vendor community is cautious about offering “pay as you go” pricing in case they cannibalize their existing installed base. Further, most security vendors provide product in a hardware form factor and so they recognize revenue up front. Their whole business model is structured accordingly.

The security community is starting to recognize the value of partnering with the MSP community, and vendors are starting to offer virtual solutions, SaaS solutions and in some instances true multi-tenanted server software. But until security vendors provide solutions that address both the commercial and technical obstacles both the MSP and their customers will be left facing compromises to the managed service concept.

In 2013 I predict significant growth in managed security services driven by the need to authenticate users when accessing hosted applications and resources and also the need to manage mobile device identity and usage. I hope my peers in the security market rise to the challenge and support the MSP community.

Tim Ager is CEO at Celestix Networks, which develops multi-tenant two-factor authentication solutions for MSPs and their customers.